Use this command to search for users.
Purpose
Use the
searchUsers command
to find users in virtual member manager that match particular criteria.
For example, your can use the
searchUsers command
to find all users with a uid that starts with the letter 'd'.
If
successful, the searchUsers command returns a list
of unique names of all users that match the search criteria.
Note: If the Use global security settings option
is selected for the user realm or the Global federated
repositories option is selected as the realm type for
the specified domain, this command is executed on the federated repository
of the admin domain. However, configuration changes that are performed
on the domain are applied to the security domain-specific configuration.
Syntax
searchUsers { {-cn commonname –sn surname -principalName principalName -uid uid
-mail mail} [-timeLimit tlimit] [-countLimit countlimit] [-clearCache clearCacheMode] [-securityDomainName domainName] }
Exactly
one of the parameters (cn, sn, principalName, uid, or mail) must be
specified. If none or more than one is specified, an exception occurs.
Parameters
- -cn commonname
- Specifies the first name or given name of the user. This parameter
maps to the cn property in virtual member manager.
- -sn surname
- Specifies the last name or family name of the user. This parameter
maps to the sn property in virtual member manager.
- -principalName principalName
- Specifies the principal name of the user that is used as the logon
ID for the user in the system. This parameter maps to the principalName
property in virtual member manager.
- -uid uid
- Specifies the unique ID value for the user that you want to search
for. This parameter maps to the uid property in virtual member manager.
- –timeLimit tlimit
- Specifies the maximum amount of time in milliseconds that the
search can run. The default is no time limit.
- –countLimit countlimit
- Specifies the maximum number of results that you want returned
from the search. By default, all users found in the search are returned.
-clearCache clearCacheMode
- Specifies whether the repository adapter cache should be cleared
before performing the search operation for users.
- The valid value is clearAll, which clears
all of the cached information in the repository adapter. The value
is not case-sensitive. There is no default value for this parameter.
If you do not specify a value, or specify a value other than clearAll,
an error message appears.
Avoid trouble: Frequent use of this
parameter to clear the cache may result in performance degradation.
When the cache is cleared, the subsequent operation has to get the
details from the repository and update the cache with this newly retrieved
data; so the subsequent operation takes longer to complete.
- -securityDomainName domainName
- Specifies the name that uniquely identifies the security domain.
If you do not specify this parameter, the command uses the global
federated repository.
Note: If you define multiple login properties, then
the first login property is programmatically mapped to the federated
repositories principalName property. For example,
if you set uid;mail as the login properties,
the LDAP attribute uid is mapped to the federated
repositories principalName property.
Sample
To search for all users that have a
principal name, issue this command:
$AdminTask searchUsers {-principalName *}
To
search for all users that have a uid that starts with the letter 'd',
issue this command:
$AdminTask searchUsers {-uid d*}